File libuser.changes of Package libuser

Tue Aug  8 09:53:44 UTC 2017 -

- Fix RPM groups. Replace old $RPM shell vars by macros.

Fri Jul 17 07:17:02 UTC 2015 -

- Refuse to write field value which contain \n
  Add 0001-Refuse-to-write-field-values-which-contain-n.-bsc-93.patch

Wed Jan 15 08:50:48 UTC 2014 -

- Split into libuser1 and libuser for shared lib policy
  libuser-0.60.patch: adjust installation target.

- Fix build for SLE11. Add g_malloc0_n.patch

- Split off -lang subpackage.

Wed Jan 15 07:50:03 UTC 2014 -

- Updated to 0.60

  * New functions lu_homedir_remove_for_user() and
  * libuser's pkg-config file no longer refers to internally-used libraries.
    glib-2.0 and gobject-2.0 are still included because they are required to
    use the API anyway.
  * When setting dates in shadow fields, avoid the special value 0 if the clock is
  * Miscellaneous cleanups.

Sat Jun 15 16:30:11 UTC 2013 -

- add suse-ldap.dif: fix path to slapd in SUSE

- update to 0.59

  * Fixed security vulnerabilities:
  * Race conditions in copying and removing home directories (CVE-2012-5630)
  * Information disclosure when moving users' home directory (CVE-2012-5644)
    Related changes:
    - INCOMPATIBLE API CHANGES: lu_homedir_move() and lu_homedir_populate()
      will refuse to use a pre-existing directory as a destination.
    - setuid/setgid bits are now preserved when copying regular files in home
      directories (from /etc/skel or when moving a home directory)
  * Empty fields in /etc/shadow are now treated as "missing", like libc does.
  * Specific values of the attributes can be used to represent "missing data".
  * lchage(1) now handles missing fields on both input and output.
  * Refuse to build when secure_getenv() is not available.
  * Miscellaneous bug fixes and cleanups.

  * API enhancements:
  * New helpers for attribute access replace 4-5 function calls with 1:
  * New header <libuser/fs.h>, providing lu_homedir_{populate,move,remove},
    lu_nscd_flush_cache(), and lu_mail_spool_{create,remove}.
  * lu_users_enumerate_by_group_full() and lu_groups_enumerate_by_user_full()
    are now fully supported.
  * New module-private function lu_util_append_values().
  * Documented that LU_*PASSWORD should not be manipulated directly.
  * deleteUser in Python bindings now removes the mail spool instead of
    creating it.
  * New warning in libuser.conf.5 about storing a LDAP password in system-wide
  * Module interface ABI has changed.
  * Miscellaneous bug fixes and cleanups, quite a few memory leaks fixed.

  * lu_users_enumerate_by_group_full() added, implemented ONLY for LDAP for now.
    Related functions and functionality in other modules will be added later.
    Applications are advised to NOT USE these functions yet.
  * group/user list by name of a user/group now returns an error if the
    user/group was not found.  The Python bindings enumerateUsersFull and
    enumerateGroupsFull no longer crash in this situation.
  * Updated translations.

  * Make it possible to use ldapi: URLs by not trying to use TLS (based on
    a patch by <>).
  * Hopefully fix races in test suite, causing failures on slower computers.
  * Mark --help messages for translation and improve them a bit.
  * Update translations.

  * Update translations.

  * Don't crash when a database file size is a multiple of page size.
  * Miscellaneous bug fixes and cleanups.

  * Don't assume user/group IDs start at 500 in Python getFirstUnusedGid and
  * Preserve S_ISGID and other bits when copying directories from /etc/skel.
  * Deprecate lu_*_t typedefs: use {struct,enum} lu_* instead.
  * Update to build with recent gtk-doc.

  * Fix adding LDAP users with empty gecos.
  * Correctly preserve algorithm used to hash an LDAP password when changing it.
  * Don't hard-code ports used in the test suite (to allow parallel development
    and builds).
  * Miscellaneous bug fixes.

  * Fix a crash when a module refuses to load with a warning (e.g. the "shadow"
    module when /etc/shadow is not present)

  * Resolve an ambiguity about "password" value format that could cause setting
    a known plaintext password in LDAP accounts: the "files"/"shadow" and LDAP
    modules may not be used together any more, and the module interface ABI has
    changed to support this.
  * Don't authenticate the user (in lchfn, lchsh, lpasswd) if the application
    is not set*id and it does not need elevated privileges.  In particular, this
    allows the above programs to be used for LDAP administration by unprivileged
  * Change default crypt_style to sha512.
  * Don't abort on invalid ID values.
  * Miscellaneous bug fixes.

  * Update translations.

  * New Python constant VALUE_INVALID_ID and function validateIdValue.
  * Update translations.

  * Update translations.

  * Update translations.

Thu Feb 25 15:34:46 UTC 2010 -

- updated to 0.56.14

Mon Dec  1 14:46:15 CET 2008 -

- created package (version 0.56.9)
  * based on Fedora package